Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Elasticsearch, where a large recursion using the Well-KnownText formatted string with nested GeometryCollection objects could cause a stackoverflow.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
未加控制的资源消耗(资源穷尽)
Vulnerability Title
Elastic Elasticsearch 资源管理错误漏洞
Vulnerability Description
Elastic Elasticsearch是荷兰Elastic公司的一个基于Lucene库的搜索引擎。 Elastic Elasticsearch 7.17.0版本至7.17.23版本和8.0.0版本至8.15.0版本存在资源管理错误漏洞,该漏洞源于处理带有嵌套GeometryCollection对象的格式字符串时存在递归问题,可能导致堆栈溢出。
CVSS Information
N/A
Vulnerability Type
N/A